From owner-freebsd-current  Thu Oct 26 11: 6:55 2000
Delivered-To: freebsd-current@freebsd.org
Received: from pike.osd.bsdi.com (pike.osd.bsdi.com [204.216.28.222])
	by hub.freebsd.org (Postfix) with ESMTP id E20A937B4CF
	for <current@FreeBSD.org>; Thu, 26 Oct 2000 11:06:52 -0700 (PDT)
Received: from laptop.baldwin.cx (ether.osd.bsdi.com [204.216.28.196])
	by pike.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9QI5mf45132;
	Thu, 26 Oct 2000 11:05:49 -0700 (PDT)
	(envelope-from jhb@FreeBSD.org)
Message-ID: <XFMail.001026110634.jhb@FreeBSD.org>
X-Mailer: XFMail 1.4.0 on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <39F807E6.69AD0CBB@zort.on.ca>
Date: Thu, 26 Oct 2000 11:06:34 -0700 (PDT)
From: John Baldwin <jhb@FreeBSD.org>
To: Rod Taylor <rbt@zort.on.ca>
Subject: Re: entropy reseeding is totally broken
Cc: current@FreeBSD.org, Doug Barton <DougB@gorean.org>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


On 26-Oct-00 Rod Taylor wrote:
> Doug Barton wrote:
>> 
>> Wesley Morgan wrote:
>> >
>> > I'm not knocking anyone or any code, especially considering this IS
>> > -current... BUT... I don't need to read the code to know that I am seeing
>> > the same fortunes on first login after reboot more often than I can
>> > attribute to random chance. Maybe nanotime is being harvested, but it
>> > seems that there is a time lag between system startup and reaching a state
>> > of "true pseudo-entropy". Also, every reboot has entropy caching failing
>> > to work. I don't know if this is a product of the broken reseeding or
>> > what, because the /etc/rc files seem to be fine.
>> 
>>         How exactly are you rebooting? If you're using the 'reboot' command,
>> that explains why entropy reseeding is not working. As has been
>> discussed several times on -current, you only run rc.shutdown if you use
>> another method, like 'shutdown -r now', 'init 6', or even the trust
>> three-finger salute.
> 
> How about when I hit the reset button?  That case SHOULD be taken care
> of too!  Would it not be possible to sample /dev/random to store the
> entropy every hour or so that the system runs?  Atleast that way you
> would be guarenteed to have something.

And if a malicious user on your machine grabs the saved entropy file
and then reboots your machine using some exploit of some sort?  Granted
neither of these tasks may be easy, and it could be done in such a way
that the first requires root access.

-- 

John Baldwin <jhb@FreeBSD.org> -- http://www.FreeBSD.org/~jhb/
PGP Key: http://www.baldwin.cx/~john/pgpkey.asc
"Power Users Use the Power to Serve!"  -  http://www.FreeBSD.org/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message